A flaw (CVE-2022-38900) was discovered in one of Kibanaβs third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
6.5CVSS
6.5AI Score
0.004EPSS
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
6.1CVSS
6.1AI Score
0.001EPSS